Friday, 31 January 2014

A really bad year for the world's second-largest email service provider, Yahoo Mail! The company announced today that "we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts": user names and passwords of its email customers have been stolen and are being used to access multiple accounts.

Yahoo did not say how many accounts have been affected, nor is it sure about the source of the leaked user credentials. They appear to have come from a third-party database being compromised, and not from an infiltration of Yahoo's own servers.

"We have no evidence that they were obtained directly from Yahoo’s systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails."

For now, Yahoo is taking proactive action to protect its affected users: "We are resetting passwords on impacted accounts and we are using second sign-in verification to allow users to re-secure their accounts. Impacted users will be prompted (if not, already) to change their password and may receive an email notification or an SMS text if they have added a mobile number to their account."

People frequently use the same passwords on multiple accounts, so hackers may be brute-forcing Yahoo accounts with user credentials stolen in other data breaches.

Yahoo users can prevent account hijacks by using a strong and unique password. You can use the 'Random strong password generator' feature of the DuckDuckGo search engine to get a unique and strong password.
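The credential-reuse pattern described above, seen from the provider side, as an added example that is not part of the original post: a source replaying a stolen list touches many distinct accounts with only one or two tries each, unlike guessing against a single account. The log events, IP addresses, user names and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample login events: (source_ip, username, login_succeeded)
SAMPLE_EVENTS = [
    ("203.0.113.7", "alice", False),
    ("203.0.113.7", "bob", True),
    ("203.0.113.7", "carol", False),
    ("203.0.113.7", "dave", False),
    ("203.0.113.7", "erin", True),
    ("198.51.100.4", "frank", False),   # one user retrying a forgotten password
    ("198.51.100.4", "frank", False),
    ("198.51.100.4", "frank", True),
    ("192.0.2.10", "grace", True),      # ordinary single login
]


def find_credential_stuffing(events, min_accounts=4, max_tries_per_account=2.0):
    """Return {source_ip: sorted accounts it logged into} for sources whose
    traffic looks like a replayed credential list: many distinct accounts,
    few attempts per account. Thresholds are illustrative assumptions."""
    attempts = defaultdict(int)   # total login attempts per source
    accounts = defaultdict(set)   # distinct usernames tried per source
    hits = defaultdict(set)       # usernames the source logged into
    for ip, user, ok in events:
        attempts[ip] += 1
        accounts[ip].add(user)
        if ok:
            hits[ip].add(user)

    flagged = {}
    for ip, users in accounts.items():
        tries_per_account = attempts[ip] / len(users)
        if len(users) >= min_accounts and tries_per_account <= max_tries_per_account:
            # Accounts that were actually opened need a forced password reset.
            flagged[ip] = sorted(hits[ip])
    return flagged


if __name__ == "__main__":
    for ip, opened in find_credential_stuffing(SAMPLE_EVENTS).items():
        print(f"{ip}: suspected credential replay, reset passwords for {opened}")
```
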

Users are also recommended to enable two-factor authentication, which requires a code texted to the legitimate user's mobile phone whenever a login attempt is made from a new computer.

Yahoo! was hacked in July 2012, with attackers stealing 450,000 email addresses and passwords from a Yahoo! contributor network.

Tuesday, 28 January 2014

The FBI has arrested five people in connection with what it says are several hacking-for-hire websites.

Two men have been charged with running and three others with being customers of websites that allegedly offered to obtain access to email accounts.

The swoop against the sites was co-ordinated with police forces in Romania, India and China.

Six other alleged administrators of such sites were arrested as part of the overseas element of the operation.

Mark Anthony Townsend and Joshua Alan Tabor, both of Arkansas, have been charged with operating the needapassword.com website that, according to the FBI, charged people to find passwords for about 6,000 email accounts.

If the two are found guilty they face up to five years in jail for computer fraud offences.

The other three people have been charged with paying, between them, more than $23,000 (£14,000) to similar hacker-for-hire websites outside the US to find passwords for a wide variety of email accounts.

Paying a hacker to act on your behalf is a "misdemeanour offense" and if found guilty each defendant could go to a federal jail for 12 months.

In a statement, the FBI said it expected all five defendants to plead guilty.

Four people in Romania, one person in India and one in China were also arrested in connection with websites that allegedly offered to obtain a password for any email account for between $100 (£60) and $500 (£300).

Wednesday, 22 January 2014

The passwords and other details of 16 million email users in Germany have been stolen, the country's security agency has revealed.

The Federal Office for Security said criminals had infected computers with software which allowed them to gather email addresses and account passwords.

The agency has not commented on what progress it has made in tracking down the hackers.

It has set up a website for people to check whether they have been victims.

The agency learnt that the online criminals had managed to infect millions of computers with a program that would enrol them on to a network from where data could be stolen.

It believes most of those targeted are in Germany as many of the email addresses end in .de which is the identifier for German web addresses.

The scale of the attack is the equivalent of almost a fifth of the German population being at risk.

The BBC's correspondent in Germany, Steve Evans, said that so many people were anxious to check if they were victims of this hack that they overwhelmed the official security website causing it to crash.

Credit card details from almost half of all South Koreans have been stolen and sold to marketing firms.

The data was stolen by a computer contractor working for a company called the Korea Credit Bureau that produces credit scores.

The names, social security numbers and credit card details of 20 million South Koreans were copied by the IT worker.

The scale of the theft became apparent after the contractor at the centre of the breach was arrested.

Unprotected data

Managers at the marketing firms which allegedly bought the data were also arrested.

Early reports suggest that the contractor got hold of the giant trove of data thanks to the access Korea Credit Bureau enjoys to databases run by three big South Korean credit card firms. The contractor stole the data by copying it to a USB stick.

Regulators are now looking into security measures at the three firms - KB Kookmin Card, Lotte Card, and NH Nonghyup Card - to ensure data stays safe. A task force has been set up to investigate the impact of the theft.

The three bosses of the credit card firms involved made a public apology for the breach.

In a statement the Financial Services Commission, Korea's national financial regulator, said: "The credit card firms will cover any financial losses caused to their customers due to the latest accident."

Another official at the FSC said the data was easy to steal because it was unencrypted and the credit card firms did not know it had been copied until investigators told them about the theft.

This theft of consumer data is just the latest to hit South Korea. In 2012, two hackers were arrested for getting hold of the details of 8.7 million subscribers to KT Mobile. Also, in 2011, details of more than 35 million accounts of South Korean social network Cyworld were exposed in an attack.

A Bitcoin storage service that insures deposits of the digital currency against loss and theft has launched in London.

Elliptic Vault uses "deep cold storage", where private encrypted keys to bitcoins are stored on offline servers and in a secure location.

The facility's founders say they are the "first in the world" to offer insurance for Bitcoin owners.

Stolen bitcoins cannot be recovered as all transactions are irreversible.

Online wallets used to store bitcoins have been subject to a number of cyber-attacks and some users have also suffered from accidental loss.

James Howells lost about £4.6m when he threw away his hard drive, forgetting that he had bitcoins stored on it.

Elliptic co-founder Tom Robinson says the service addresses a "deep concern" among Bitcoin users.

Unlike money stored in a conventional bank, bitcoins are not insured and there is no way of retrieving them once they are gone.

'Obvious step'

"One of the main concerns people have with Bitcoin is that it's quite difficult to store securely," Elliptic co-founder Tom Robinson told the BBC.

"Offering people insurance seemed an obvious step."

But convincing an insurance firm to trust the nascent currency was not an easy task.

"It was very difficult to find an insurer," said Mr Robinson, an Oxford graduate with a PhD in physics who started the company with two friends.

"The industry is very conservative and they did not understand Bitcoin.

"They were also influenced by the negative publicity Bitcoin received, although this has improved since Silk Road [an online marketplace] was taken down and stopped dominating the Bitcoin agenda."

Layers of security

The company is underwritten by Lloyd's of London, which will give people "more faith in the Bitcoin system", according to Emily Spaven, managing editor of CoinDesk, a digital currency news site.

Insurance payouts will be calculated using the Bitcoin to US dollar exchange rate at the time a claim is made.

Elliptic's focus is on storing bitcoins as securely as possible, using what Mr Robinson calls "deep cold storage" techniques.

Bitcoin keys are encrypted and stored offline. There are multiple copies, protected by layers of cryptographic and physical security.

The copies are accessible only via a quorum of Elliptic's directors.

Illicit financing

Elliptic's launch comes as Bitcoin has been making news around the world, with governments deciding how to legislate for the currency.

Singapore has become one of the first countries to issue guidance on taxation for Bitcoin businesses, although it also said it was monitoring transactions to detect illicit financing by criminals and terrorists.

Bitcoin was less fortunate in China, where the largest online marketplace, Alibaba Group's Taobao, said it would ban virtual currencies.

The data breach began on or around 29 November, known as Black Friday, one of the busiest shopping days of the year.

The company said customers would have "zero liability" for any fraud losses.

But this hasn't stopped some customers suing Target, claiming that Target failed to notify them of the breach before it was first reported and did not "maintain reasonable security procedures" to prevent the attack.

"I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this," said Gregg Steinhafel, Target's chairman, president and chief executive officer.

Target is offering one year of free credit monitoring and identity theft protection to all its US customers.

Data-stealing code

Security researcher Brian Krebs, writing about the breach in December, said sources at credit card payment processing firms had told him the thieves had installed data-stealing code on to card-swipe machines at tills in all 1,797 Target stores.

The thieves stole data between Thanksgiving and 15 December, said Target. This data is often sold on to criminals via underground marketplaces.

The largest ever credit card breach at a US retailer took place in 2007 when cyber-thieves managed to steal information related to almost 46 million credit and debit cards from TJ Maxx and Marshalls.

The thieves amassed the huge cache of data over an 18-month period after penetrating the retailers' computer network.

Saturday, 4 January 2014

Look into the future a moment and imagine Christmas shopping 2014. Target offers a great deal on a perfect gift. At the register, you recall that someone stole 40 million credit card numbers from the retailer in late 2013. Then, as you flick your fingerprint across the front of the biometric reader of your new credit card, you smile, relaxed that your number will work just a single time and thus would be useless to steal from Target’s computer system.

That’s the new technology in development at Epic One, a Houston startup that will introduce its pilot credit cards with fingerprint reader and microprocessor inside later this year. It works, in essence, by offering a type of dual factor authentication, a second piece of information that confirms that you are who you claim to be before approving the transaction. The Epic One card never exposes your Visa, MasterCard, Amex or other cards to the network where most of the data hijacking occurs.

When a shopper uses an Epic One card, his fingerprint scan on the card generates a green light on top that signals to the merchant it’s okay to swipe the card. Then the transaction is relayed to the card’s issuing bank and to Epic One. The only data Target sees is your Epic One card number plus the one-time use code. Even if someone hacks into the credit card processing system subsequently, the Epic One card number will not work a second time because the thief can’t generate a valid code to use it.
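Why a captured card number plus code cannot be replayed, as an added example that is not Epic One's code: the article does not say how the card derives its codes, so standard counter-based HOTP (RFC 4226) stands in for it. `IssuerBackend`, the card number `CARD-0001` and the shared key are hypothetical, constructed values.

```python
import hashlib
import hmac
import struct


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamically truncated."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class IssuerBackend:
    """Hypothetical issuer side: one shared key and counter per card number."""

    def __init__(self, window: int = 3):
        self.cards = {}        # card_number -> [key, next_expected_counter]
        self.window = window   # tolerated look-ahead if the card ran ahead

    def enroll(self, card_number: str, key: bytes) -> None:
        self.cards[card_number] = [key, 0]

    def authorize(self, card_number: str, code: str) -> bool:
        entry = self.cards.get(card_number)
        if entry is None:
            return False
        key, counter = entry
        # Only counters at or ahead of the stored one are tried, so a code
        # that was already accepted can never match again.
        for c in range(counter, counter + self.window):
            if hmac.compare_digest(hotp(key, c), code):
                entry[1] = c + 1   # burn this code and every earlier one
                return True
        return False


def demo():
    key = b"12345678901234567890"  # RFC 4226 Appendix D test key
    backend = IssuerBackend()
    backend.enroll("CARD-0001", key)
    first = hotp(key, 0)
    accepted = backend.authorize("CARD-0001", first)      # shopper's purchase
    replayed = backend.authorize("CARD-0001", first)      # thief reuses stolen pair
    next_ok = backend.authorize("CARD-0001", hotp(key, 1))  # shopper's next purchase
    return first, accepted, replayed, next_ok


if __name__ == "__main__":
    print(demo())
```
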

“The root cause of fraud is the exposure of this information,” says William Gomez Jr., the co-founder and CEO. “The Epic One card does not hold any details of any credit cards. Neither does the Epic One application that runs on your smartphone. None of these devices hold any of your credit card information. The Epic One card grants you temporary access to your cloud wallet that is stored within Epic One’s back-end systems.”

For details:
http://www.forbes.com/sites/adamtanner/2014/01/03/heres-how-credit-cards-can-thwart-target-style-hacking/

After hackers compromised an estimated 4.6 million Snapchat accounts, the Venice, California-based messaging startup is finally admitting it has a problem—but it's making no apologies. Over the holidays, a whitehat hacker collective published what it claimed was Snapchat's API and two security ex...

The Foreign Intelligence Surveillance Court has renewed NSA's phone-collection program, allowing the agency to continue collecting every American's telephone records every day. WASHINGTON (AP) — A secretive U.S. spy court has ruled again that the National Security Agency can keep collecting every...

Cyber security company FireEye has acquired Mandiant, a firm known for responses to network breaches, in a deal worth more than $1bn (£608m).

Mandiant rose to prominence last year after it alleged that a secretive branch of China's military had stolen data from more than 100 global firms.

The deal, one of the largest ones in the sector recently, comes amid increased worries over cyber security.

FireEye shares rose 24% in after hours trading in New York on the deal.

The companies said they had agreed the deal on 30 December, but only made it public on Thursday after close of US markets.

FireEye and Mandiant had entered into a technology development agreement in 2013.

"Organizations today are faced with knitting together a patchwork of point products and services to protect their assets from advanced threats," David DeWalt, chief executive of FireEye, said in a statement.

"Together, the size and global reach of FireEye and Mandiant will enable us to innovate faster, create a more comprehensive solution, and deliver it to organizations around the world at a pace that is unmatched by other security vendors."

Kevin Mandia, Mandiant's founder and chief executive officer prior to the acquisition, has been appointed as the chief operating officer of FireEye.

The US National Security Agency is building a quantum computer to break the encryption that keeps messages secure, reports the Washington Post.

The NSA project came to light in documents passed to the newspaper by whistle-blower Edward Snowden.

The spying agency hopes to harness the special qualities of quantum computers to speed up its code-cracking efforts.

The NSA is believed to have spent about $80m (£49m) on the project but it has yet to produce a working machine.

If the NSA managed to develop a working quantum computer it would be put to work breaking encryption systems used online and by foreign governments to keep official messages secure, suggest the documents excerpted in the Post.

The quantum computer is being developed under a research programme called Penetrating Hard Targets and is believed to be conducted out of a lab in Maryland.

About Me

I have been working for Indonesian Police Forensic Laboratory Centre (Puslabfor Bareskrim Polri) since 1997. My current job is the Chief of Computer Forensic Sub-Department. I have core duties to handle digital forensic investigation and analysis on electronic and digital evidence. I am the pioneer of developing computer forensic capabilities at Puslabfor Bareskrim Polri which was started in around 2000. Last year, in 2012 I and my team successfully investigated and analyzed 488 items of evidence which came from 81 cases of computer crime and computer-related crime.
In 2012 I wrote a book with the title "Digital Forensic: Practical Guidelines for Forensic Investigation". Its content is mostly from knowledge and science I got from joining the MSc in Forensic Informatics at the University of Strathclyde, in the UK in 2008/2009 through the Chevening Scholarships. In 2010, the British Council in Indonesia gave me a prestigious award as one of "The Super Six UK Alumni".